package com.studyroom.config;

import com.studyroom.component.MyRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ShiroConfig {
    @Autowired
    private MyRealm myRealm;
    //配置SecurityManager
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(){
        //1.创建defaultWebSecurityManager对象
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager ();
        //2.创建加密对象,设置相关属性
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher ();
        //2.1.采用md5加密
        matcher.setHashAlgorithmName ("md5");
        //2.2.采用迭代加密的次数
        matcher.setHashIterations (3);
        //3.将加密对象存储到MyRealm
        myRealm.setCredentialsMatcher (matcher);
        //4.将MyRealm存入到defaultWebSecurityManager对象
        defaultWebSecurityManager.setRealm (myRealm);
        //4.5.设置RememberMe
        //defaultWebSecurityManager.setRememberMeManager (rememberMeManager ());


        return defaultWebSecurityManager;
    }
    //配置Shiro内置过滤器拦截范围
    @Bean
    public DefaultShiroFilterChainDefinition shiroFilterChainDefinition(){
        DefaultShiroFilterChainDefinition definition=new DefaultShiroFilterChainDefinition ();
        //设置不认证可以访问的范围
        /*definition.addPathDefinition ("/user/**","anon");
        //设置需要进行登录认证的拦截范围
        definition.addPathDefinition (("/**"),"authc");*/
        //添加存在用户的过滤器(rememberMe)
        //definition.addPathDefinition ("/**","user");
        return definition;

    }
}
